I have an external secret that contains certificate, keystore and truststore generated by cert-manager. So it contains keystore.jks, truststore.jks + some other files. I need to use this keystore.jks in my application, but it expect specific name of the keystore (something like client_certificate.jks) that I can't change now. For now I solve it this way:
- mountPath: /app/secret/client_certificate.jks
name: cliet_certificate
subPath: keystore.jks
readOnly: true
but I've read (https://kubernetes.io/docs/concepts/storage/volumes/#using-subpath)
A container using a Secret as a subPath volume mount will not receive Secret updates.
Is there an option how to do it other way? I had an idea to use something like symlink, but not sure how to configure it properly.
The secret can be mounted into folder which will hold all the files in secret.
Below will be sample.
- volumeMounts:
name: sec-vol
mountPath: "/app/secret/"
volumes:
- name: sec-vol
secret:
secretName: mysecret
In docker entry / dockerfile create a symbolic link to file
ln -s /app/secret/key.jks <desinationfolder>/key.jks